![People in a meeting](http://s40188.p1443.sites.pressdns.com/wp-content/uploads/2019/02/iStock-507635414-750-450-b.jpg)
- Identify IT risks
- Assess the implications of those risks
- Put in place systems to limit the potential damage
- Are our firewalls secure and fit for purpose?
- Are our security settings the right ones?
- Who can access what data?
- Is our malware and virus protection adequate?
- What arrangements are there for keeping devices/software up to date?